package com.my.shrio.realm;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.my.shrio.entiy.Permission;
import com.my.shrio.entiy.Role;
import com.my.shrio.entiy.User;
import com.my.shrio.entiy.UserRole;
import com.my.shrio.mapper.PermissionMapper;
import com.my.shrio.mapper.RoleMapper;
import com.my.shrio.mapper.UserMapper;
import com.my.shrio.mapper.UserRoleMapper;

public class MyShrio extends AuthorizingRealm {

	@Autowired
	private UserMapper userMpper;
	@Autowired
	private UserRoleMapper userRoleMapper;
	@Autowired
	private PermissionMapper permissionMapper;
	@Autowired
	private RoleMapper roleMapper;
	
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
		String loginName=(String) principalCollection.fromRealm(getName()).iterator().next();  
        //此处连库匹配了登录用户的数据，具体怎么做，需要根据个人需求而定
		User u = new User();
		u.setUsername(loginName);
        List<User> user=userMpper.getAll(u);
        
        //获取用户的角色名称
        UserRole userRole = new UserRole();
        userRole.setUserId(user.get(0).getId());
        List<UserRole> userRoleList = userRoleMapper.getAll(userRole);
        Set<String> roles = new HashSet<String>();
        //获取用户的权限
        Permission permission = new Permission();
        permission.setRoleId(userRoleList.get(0).getRoleId());
        List<Permission> perList = permissionMapper.getAll(permission);
        List<String> perArr = new ArrayList<String>();
        if(user!=null){  
            SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
            for(UserRole ur:userRoleList){
            	Role obj = new Role();
            	obj.setId(ur.getRoleId());
            	
            	List<Role> roleList = roleMapper.getAll(obj);
            	roles.add(roleList.get(0).getRolename());
            }
            info.setRoles(roles);
            for (Permission p : perList) {
            	perArr.add(p.getPermissionname());
            }  
            info.addStringPermissions(perArr);  
            return info;  
        }  
        return null;
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
		UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;  
        //判断用户登录状态
		User u = new User();
		u.setUsername(token.getUsername());
        List<User> user=userMpper.getAll(u);
//        User user=userService.findByName(token.getUsername());  
        if(user!=null){  
            //保存用户登录信息到认证中
            return new SimpleAuthenticationInfo(user.get(0).getUsername(), user.get(0).getPassword(), getName());  
        }  
        return null;
	}

}
